Skip to main content
CVE-2024-0795 HIGH POC PATCH This Week

If an attacked was given access to an instance with the admin or manager role there is no backend authentication that would prevent the attacked from creating a new user with an `admin` role and then. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Anythingllm
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2024-25063 HIGH This Week

Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hikcentral Professional
NVD
CVSS 3.1
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy